The data of over 600 thousand Email.it email accounts are on sale on the Dark Web. ZDNet talks about it, the site that the Italian company has confirmed to have been the victim of a hacker attack. The fact did not occur recently, but two years ago, in January 2018 and has continued until today.
The hackers themselves, known as NN (No Name) Hacking Group, say it in a Twitter post in which they say they had access to 44 databases, the data of 600 thousand users with cleartext passwords, answers to security questions, SMS and FAX sent in clear text and to complete everything, "messages and attachments sent and received from all 600 thousand mailboxes". All information stored on the Italian company's servers between 2007 and 2020. Hackers also claimed to have "exfiltrated" the source code of all Email.it web apps, including administration applications and those aimed at customers.
Cyber criminals claim to be entered an Email.it server over 2 years ago and since then I have collected any sensitive data present. "We decided to give them the opportunity to patch the holes by asking for a small reward. They refused to speak to us and continued to deceive their users / customers. They didn't contact their users / customers after the violations!"hackers said. Failed to extort money (February 1), hackers started sell the data in their possession at a price that varies between 0.5 and 3 Bitcoins, that is between 3500 and 22000 dollars.
A spokesman for Email.it told Zdnet that the company has succeeded refused to pay and contacted CNAIPIC (National Cybercrime Center for the protection of critical infrastructures). The provider clarified that no financial information was hosted on the hacked server.
The company also told Zdnet that it has updated the server and informed the authorities, including also the Guarantor for the protection of personal data. Safe, apparently, even business accounts, as the information on paying customers was not stored on the compromised server.
